Re: Field Security in odoo v8??

by

Martin Trigaux (mat)

- 02/16/2016 04:31:53

On 16/02/16 10:18, mihir shah wrote:
> I want to give fields level security in odoo v8,
> suppose certain fields should only be editable by certain group of user
> else it should be read only for all the users.
Short answer: you can't
The only built in mechanism for field level access is the attribute
"groups" that you can set on your field definition.
e.g: fields.char("Private Key", groups="base.group_system")
If your user is not in the appropriate group, the field will not exists
for him. This means that you will get an error "unknown field" if you
try to render a view with this field present.
This is a bit touchy and I wouldn't advise it in most cases.
Another solution is to check what is done for the fields password and
password_crypt in base and auth_crypt module
(openerp.base.res.res_users.USER_PRIVATE_FIELDS) where the "read" method
is overridden to prevent accessing the content of these fields but to
avoid crashing if you try to display or access it.
Martin
--
Martin Trigaux
Odoo
https://odoo.com
https://github.com/mart-e